-
Notifications
You must be signed in to change notification settings - Fork 3
Service: OAuth2 Authorization Code
** WARNING: This service has been updated to use HTTP GET method. HTTP POST method has been deprecated and will be removed in API v1.1.
redirects the user-agent to the client redirect URI with an authorization code. The authorization code should be exchanged with an access token at the token endpoint.
Kalamar as the web user interface of KorAP provides the authorization endpoint and a user authentication interface. This service requires user authentication token in the Authorization header of the request sent by Kalamar.
Available in: full version
Method: GET (POST is deprecated and discouraged)
Service URL: root/oauth2/authorize
Header Parameters
| Name | Required | Description | Value |
|---|---|---|---|
| Authorization | yes | HTTP authentication with scheme: Bearer | OAuth2 access token |
Query parameters
| Name | Required | Description | Type | Example |
|---|---|---|---|---|
| response_type | yes | The requested type of response. Only code is supported. | String | code |
| client_id | yes | The client identifier obtained on client registration. | String | |
| redirect_uri | no, if it has been registered | The callback URI where the authorization code will be sent. It must be identical to the redirect URI registered on client registration. The URI must be encoded by using URL / Percent encoding. | String | |
| scope | yes | The requested authorization scopes separated by space. | String | search match_info vc_info |
| state | no, recommended | Any string value encoded in Base64 used to store specific data and/or prevent Cross-Site Request Forgery (CSRF) attacks. It will be returned unmodified and should be verified at the client side. | String |
Request
curl --verbose
-H 'Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ='
'http://localhost:8089/api/oauth2/authorize?response_type=code&client_id=fCBbQkA2YzIxYmY1Ng==&redirect_uri=http%3A%2F%2Fexample.client.com%2Fredirect
&scope=search&state=8lv2i7stdgp5u1'
Response
< HTTP/1.1 307 Temporary Redirect
< Date: Wed, 04 Jul 2018 14:52:05 GMT
< Location: http://example.client.com/redirect?code=e9f492cce19f78f4ccfa1bd309760250
&scope=search&state=8lv2i7stdgp5u1
< Content-Type: application/json;charset=utf-8
< Content-Length: 0
< Server: Jetty(9.4.8.v20171121)
Hardt, D., Ed., The OAuth 2.0 Authorization Framework, RFC 6749, October 2012. [Online]. Available: https://tools.ietf.org/html/rfc6749
Parecki, Aaron. OAuth 2.0 Servers. [Online]. Available: https://www.oauth.com/
- Importing Kustvakt to Eclipse
- Installing Lombok
- Setting annotation processors
- Setting a test environment
- HTTP Basic Authentication
- OAuth2 authorization scopes
- OAuth2 authorization request
- OAuth2 token request
- OAuth2 token revocation
- OAuth2 client registration
- OAuth2 client info
- OAuth2 client deregistration
- OAuth2 client secret reset
- Plugin registration
- Plugin list (marketplace)
- Plugin installation
- Plugin uninstallation
- Installed plugin list
- VC creation and update
- VC deletion
- VC list
- VC info
- VC KoralQuery
- VC statistics
- VC statistics with KoralQuery